Change Auditor Suite

Change Auditor Suite
Change Auditor Suite

Change Auditor Suite

Real-time security and IT auditing for your Microsoft Windows environment

Change reporting and access logging for Active Directory (AD) and enterprise applications is cumbersome, time-consuming and, in some cases, impossible using native IT auditing tools. This often results in data breaches and insider threats to AD and other Microsoft platforms, and can go undetected without protections in place.

Fortunately, there's Change Auditor. With Change Auditor, you get complete, real-time IT auditing, in-depth forensics and comprehensive security monitoring on all key configuration, user and administrator changes for Microsoft Active Directory, Azure AD, Exchange, Office 365, Exchange Online, file servers and more. Change Auditor also tracks detailed user activity for logons, authentications and other key services across enterprises to enhance threat detection and security monitoring. A central console eliminates the need and complexity for multiple IT audit solutions.

Features:
Hybrid environment auditing with a correlated view
Get a single, correlated view of activity across your hybrid Microsoft environments, ensuring visibility to all changes taking place, whether on premises or in the cloud. Audit hybrid environments and data including:

  • AD and Azure AD users, groups, roles, identities and more
  • Exchange and Exchange Online mailbox logins/activity, non-owner mailbox access, distribution groups and more
  • SharePoint / SharePoint Online / OneDrive for Business files, folders, and more
  • And AD logons and Azure AD sign-ins

Change prevention
Protect against changes to critical data within AD, Exchange and Windows file servers, including privileged groups, Group Policy objects and sensitive mailboxes.

Auditor-ready reporting
Generate comprehensive reports for security best practices and regulatory compliance mandates, including SOX, PCI-DSS, HIPAA, FISMA, GLBA and more.

Improved insights with IT Security Search
Correlate disparate IT data from numerous systems and devices into an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualizations and event timelines.

Simplified investigations
Capture the originating IP address and workstation name for account lockout events, and view related logon and access attempts in an interactive timeline. This helps simplify detection and investigation of internal and external security threats.

High-performance auditing engine
Remove auditing limitations and capture access and security events without the need for native audit logs, resulting in faster results and incident response.

Security timelines
View, highlight and filter change events and discover their relation to other security events in chronological order across your AD and Microsoft platforms for better forensic analysis and security incident response.

Related searches
Get one-click, instant access to information on the change you’re viewing and all related events, such as what other access attempts were made by specific users, and when and where they were logged in. This simplifies the investigation of insider threats.

Integrated event forwarding
Easily integrate with various solutions to get the most from your Change Auditor logs, including:

  • Integrate with SIEM solutions by forwarding Change Auditor events to Splunk, HP Arcsight or IBM QRadar.
  • Integrate with Quest InTrust for long-term 20:1 compressed event storage and aggregation of native or third-party logs to reduce storage costs on SIEM forwarding and create a highly-compressed log repository.

Real-time alerts on the move
Receive critical change and pattern alerts to email and mobile devices to prompt immediate action, enabling you to respond faster to threats even while you’re not on site.

Role-based access
Configure access so auditors can run searches and reports without making any configuration changes to the application, and without requiring the assistance and time of IT administrators.

Web-based access with dashboard reporting
Search security and access events from anywhere using a web browser and create targeted dashboards to provide upper management and auditors with access to the information they need without having to understand architectures.


Back to category: Security & Compliance
Back to Solutions